The invention relates to methods of preventing new users of an Internet Protocol (IP) based telephony service from committing fraudulent acts.
VoIP is a technological development in the field of telecommunications that is utilized to transmit voice conversations over a data network using Internet Protocol (IP) data packets rather than the existing and traditional telecommunications systems more commonly referred to as the Public Switched Telephone Network (PSTN) or Plain Old Telephone Service (POTS). Entities (e.g., businesses or individuals) implement VoIP by purchasing and installing the necessary equipment (e.g., one or more Customer Premise Equipment (CPE) devices) to access a VoIP service provider. The entities then activate this telecommunication service via a broadband Internet connection.
Transmitting voice calls over a data network is typically accomplished by converting analog voice signals into data packets. Transporting calls over computer networks allows phone calls to be transported more efficiently. Additionally, because computer network infrastructures are already in place, the cost of transporting calls over computer networks is greatly minimized. As a result, VoIP services have become pervasive.
When a new customer wishes to obtain VoIP telephony services from a VoIP service provider, the new customer would typically access the service provider through a website on the Internet, or by calling the service provider. The new customer would perform a registration process that includes providing the VoIP service provider with personal information, and making an initial payment to establish a new account. At the conclusion of the registration process, the VoIP service provider would assign a new telephone number to the customer, and a voice mailbox tied to that telephone number would be created.
In addition, the VoIP service provider would normally ship one or more IP based telephony devices to the new customer's address to provide the new customer with a means to access and use telephony services provided by the system. The IP based telephony device could be an IP telephone, or a Terminal Adapter (TA) that allows the user to make use of a normal analog telephone. The customer would receive the IP based telephony device, and the customer would connect the device to an Internet service. Typically, the user would then cause a registration process to occur so that the VoIP service provider registers the new IP based telephony device as corresponding to the new customer, and to his assigned telephone number.
In addition to the use of IP based telephony devices, customers can also install IP telephony software on general purpose computers, PCs, laptops and other devices that are connected to the Internet, and the computer can then be used to place and receive VoIP calls. Such software allows a customer to implement a “soft-phone” client on their computer which is used to access and use the telephone services.
Once a new customer has registered with a VoIP service provider, the customer will have nearly immediate access to telephony services with the newly assigned telephone number. For instance, if the new customer has installed IP based telephony software on a computer, the customer may be able to immediately place and receive calls using the newly assigned telephone number. In addition, the new customer could issue a call forwarding instruction so that any calls placed to his new number are forwarded to another telephone number. Further, people would be able to call the new telephone number and leave messages for the new customer in his new voice mailbox. And the customer would be able to access such voice messages. All of these actions could be accomplished before the new customer receives, installs and registers IP based telephony devices that are shipped to the customer after the registration process.
Because customers of a VoIP service utilize data communications to place and receive calls and to obtain other telephony services, the customers are not tied to a single physical location. Instead, customers can obtain VoIP telephony services from virtually any location where they can establish a data connection to the Internet. For instance, a customer who establishes a VoIP account in the United States could connect a VoIP enabled phone to the Internet in a country outside the United States, and still place and receive calls using their assigned telephone number. Likewise, the customer could access and play voicemail recordings that have been left in a voice mailbox established for the customer from any location in the world.
A recurring problem with VoIP services relates to the flexibility that users have regarding where they can access their VoIP telephony services. For example, an individual can subscribe to the VoIP service from an unknown location and remain anonymous while they use the VoIP services. Although new users are supposed to identify their actual name and address during the registration process, it is possible for a new customer to provide fraudulent information. So long as the initial payment provided during the registration process is received, a VoIP service provider will establish a new account for a customer, even where the information provided by the registering individual turns out to be false. Even the initial payment could be made via one or more stolen credit cards.
An individual who registers with fraudulent information will still get an assigned telephone number, as well as a voice mailbox. Until the VoIP service provider is able to discover the fraud, the individual will have access to VoIP services such as call forwarding, voicemail, a softphone client and the like. Attempts to thwart these types of fraudulent activities are not always successful because they require a period of account activity surveillance and vetting that is labor intensive and not always accurate. Additionally, previous types of fraud control such as IP address blocking are ineffective because of the technological capability of anonymizing IP addresses through various services or products.
One particular application of this fraudulent activity is in the attempted establishment of Phone Verified Accounts (PVAs) with an online classified service such as Craigslist and AutoTrader. Such online classified and marketing services attempt to prevent fraud by checking when new users request placement of a listing to ensure that the information provided by the new user is valid. Often, the only information given by a new user is a telephone number that people can call to inquire about purchasing an item the new user has advertized for sale.
Typically, the online classified service will have a third party verification service call the telephone number provided by the user, and the verification service will deliver an identification number to the new user. If no one answers such a call, the verification service will leave the identification number in a voicemail recording. The new user will then access the online classified service via the Internet, or via telephone, and provide the identification number received from the verification service. Once this occurs, the new user will have established a “Phone Verified Account” (PVA), and the user's advertisement will be posted online. The verification process attempts to ensure that the telephone number listed in an advertisement is associated with a legitimate user.
A typical fraudulent attempt to set up a Phone Verified Account with an online classified advertizing service would start with an individual first establishing a new VoIP account with a VoIP service provider. During the registration process, the individual would allege to be at a US location (address). The individual uses a stolen credit card to satisfy the initial payment. And once the initial payment goes through, they are given a Direct Inward Dialing (DID) telephone number, and a voice mailbox. The voice mailbox will be accessible via the Internet, or through a telephone voicemail interface.
The individual would then apply to sell goods and/or services through an online advertising service. To authenticate themselves, the individual gives the online advertising service the DID telephone number of the fraudulently established VoIP account.
The online advertiser would then send the DID phone number they have been given by the individual, as well as a PIN number, to an account verification service. The account verification service generates an automated call to the DID number to authenticate the individual. When the call is answered, the verification service advises the answering party that this is a verification call and provides the PIN number from the online advertiser. In some instances, the call may go into the newly established voicemail account. In other instances, the individual who established the VoIP account may have issued a call forwarding instruction that results in calls to the DID number being forwarded to another number. Regardless, the account verification service will leave the PIN number on the voicemail or give it to the person who answers a forward-to number.
The individual would then use the PIN number to verify their account with online advertiser. The individual will then have a working “Phone Verified Account”.
This PVA can then be used by the individual himself to commit further fraudulent acts, or the individual can sell the PVA over the Internet for use by others in committing fraudulent acts. Typically this involves scamming unsuspecting buyers looking for merchandise on the online advertiser's website. A scam could include an instruction to a buyer to send in a deposit to hold a new car which is being offered at a steep discount. Alternatively, the scam could involve asking buyers to pre-pay for goods that are never delivered.